from the this-is-ok-too dept

With the event at Santa Clara earlier this month, and the companion essays published here, we've been talking a lot lately about how platforms moderate content. It can be a challenging task for a platform to figure out how to balance dealing with the sometimes troubling content it can find itself intermediating on the one hand and free speech concerns on the other. But at least, thanks to Section 230, platforms have been free to do the best they could to manage these competing interests. However you may think they make these decisions now, they would not come out any better without that statutory protection insulating them from legal consequence if they did not opt to remove absolutely everything that could tempt trouble. If they had to contend with the specter of liability in making these decisions it would inevitably cause platforms to play a much more censoring role at the expense of legitimate user speech.

Fearing such a result is why the Copia Institute filed an amicus brief at the Ninth Circuit last year in Fields v. Twitter, one of the many "how dare you let terrorists use the Internet" cases that keep getting filed against Internet platforms. While it's problematic that they keep getting filed, they have fortunately not tended to get very far. I say "fortunately," because although it is terrible what has happened to the victims of these attacks, if platforms could be liable for what terrorists do it would end up chilling platforms' ability to intermediate any non-terrorist speech. Thus we, along with the EFF and the Internet Association (representing many of the bigger Internet platforms), had all filed briefs urging the Ninth Circuit to find, as the lower courts have tended to, that Section 230 insulates platforms from these types of lawsuits.

A few weeks ago the Ninth Circuit issued its decision. The good news is that this decision affirms that the end has been reached in this particular case and hopefully will deter future ones. However the court did not base its reasoning on the existence of Section 230. While somewhat disappointing because we saw this case as an important opportunity to buttress Section 230's critical statutory protection, by not speaking to it at all it also didn't undermine it, and the fact the court ruled this way isn't actually bad. By focusing instead on the language of the Anti-Terrorism Act itself (this is the statute barring the material support of terrorists), it was still able to lessen the specter of legal liability that would otherwise chill platforms and force them to censor more speech.

In fact, it may even be better that the court ruled this way. The result is not fundamentally different than what a decision based on Section 230 would have led to: like with the ATA, which the court found would have required some direct furtherance by the platform of the terrorist act, so would Section 230 have required the platform's direct interaction with the creation of user content furthering the act in order for the platform to potentially be liable for its consequences. But the more work Section 230 does to protect platforms legally, the more annoyed people seem to get at it politically. So by not being relevant to the adjudication of these sorts of tragic cases it won't throw more fuel on the political fire seeking to undermine the important speech-protective work Section 230 does, and then it hopefully will remain safely on the books for the next time we need it.

[Side note: the Ninth Circuit originally issued the decision on January 31, but then on 2/2 released an updated version correcting a minor typographical error. The version linked here is the latest and greatest.]

from the copywrong dept

We should all know by now that Facebook's reliability to handle copyright takedown requests is... not great. Like far too many internet platforms these days, the site typically puts its thumbs heavily on the scales such that the everyday user gets far less preference than large purported rights holders. I say "purported" because, of course, many bogus takedown requests get issued all the time. It's one of the reasons that relying on these platforms, when they have shown no willingness to have any sort of spine on copyright matters, is such a mistake.

But few cases are as egregious as that of Leo Saldanha, a well-known environmental activist in India. When I tell you that Saldanha had a Facebook post taken down over a copyright notice, you must certainly be thinking that it had something to do with environmental activism. Nope! Actually, Saldanha wrote an all-text mini-review of an Indian film, Padmaavat, which was taken down after the distributor for the film claimed the post infringed on its copyrights. Here is the entirety of his post that was taken down.

“In my view, #padmaavat is a bore fest. Halfway the movie was coming to an end, I felt. But then woke up to the cruel fact there still was the other half, and it involved the horribly cruel act of mass suicide. There is something horribly wrong about a film, when a man’s voice reasserts, that this gory act was to protect ‘Bharat’s swabhimaan, or something to that effect.”

“The whole movie has one plot: of owning a woman. And all the characters conspire to subordinate women. True, this is a mythological account of times far in the past. But that one statement after the movie emphasises horrendous social mores of a medieval time and contextualises it as relevant to our times. Movies like these aren’t made with innocent intentions. Ranveer Singh is an incredible actor!”

Seriously, that text is the entire post. And I have to say that it's quite tame as far as movie reviews go, not to mention fairly relevant from a movie critique standpoint. This wasn't someone dumping on the movie for fun. Saldanha had a well thought out point, no matter of whether anyone might agree with the content of his argument. Certainly nothing in that is copyright infringement by any measure.

Yet Viacom 18 issued the takedown request and Facebook complied. Not only did it comply, in fact, but when Saldanha pushed back on Facebook trying to figure out what the hell was going on here, the only reply from the site was to warn of a perma-ban for repeated infringement and a recommendation to get Viacom 18's permission to post his review. Saldanha, to put it lightly, was not pleased with this response.

Speaking to TNM, Saldanha says that he is deeply offended by the messages he received from Facebook and the allegation that he had violated anyone’s rights on any social media platform.

“Anyone should be free to express in any form, their views about public matters. This includes the right to agree, disagree and the right to dissent. I also maintain that I have never used threatening language while offering my opinion on any issue that is public, or of any public person. The fact that Facebook pulled down my post is a serious issue. This only shows that Facebook leans towards those with financial muscle. Viacom18 clearly does not want critical views for the movie,” Saldanha says.

There are all sorts of ways this could have happened -- but none of them make either Viacom 18 or Facebook look good. The most immediate theory would be Viacom 18 abusing copyright law to take down a negative review -- and Facebook assisting without a good reason. A more charitable (though still terrible) explanation would chalk it up to (once again) horrible automated systems flagging anything mentioning Padmaavat and falsely assuming it's infringing. And, again, Facebook assisted this without good reason. No matter what it's yet another example in our increasingly long list of cases where copyright is used for censorship.

from the internet-of-very-broken-things dept

By now it has been pretty well established that the security and privacy of most "internet of things" devices is decidedly half-assed. Companies are so eager to cash in on the IOT craze, nobody wants to take responsibility for their decision to forget basic security and privacy standards. As a result, we've now got millions of new attack vectors being introduced daily, including easily-hacked "smart" kettles, door locks, refrigerators, power outlets, Barbie dolls, and more. Security experts have warned the check for this dysfunction is coming due, and it could be disastrous.

Smart televisions have long been part of this conversation, where security standards and privacy have also taken a back seat to blind gee whizzery. Numerous set vendors have already been caught hoovering up private conversations or transmitting private user data unencrypted to the cloud. One study last year surmised that around 90% of smart televisions can be hacked remotely, something intelligence agencies, private contractors and other hackers are clearly eager to take full advantage of.

Consumer Reports this week released a study suggesting that things aren't really improving. The outfit, which is working to expand inclusion of privacy and security in product reviews, studied numerous streaming devices and smart TVs from numerous vendors. What they found is more of the same: companies that don't clearly disclose what consumer data is being collected and sold, aren't adequately encrypting the data they collect, and still don't seem to care that their devices are filled with security holes leaving their customers open to attack.

The company was quick to highlight Roku's many smart TVs and streaming devices, and the company's failure to address an unsecured API vulnerability that could allow an attacker access to smart televisions operating on your home network. This is one of several problems that has been bouncing around since at least 2015, notes the report:

"The problem we found involved the application programming interface, or API, the program that lets developers make their own products work with the Roku platform. “Roku devices have a totally unsecured remote control API enabled by default,” says Eason Goodale, Disconnect’s lead engineer. “This means that even extremely unsophisticated hackers can take control of Rokus. It’s less of a locked door and more of a see-through curtain next to a neon ‘We’re open!’ sign."

To become a victim of a real-world attack, a TV user would need to be using a phone or laptop running on the same WiFi network as the television, and then visit a site or download a mobile app with malicious code. That could happen, for instance, if they were tricked into clicking on a link in a phishing email or if they visited a site containing an advertisement with the code embedded."

Roku was quick to issue a blog post stating that Consumer Reports had engaged in the "mischaracterization of a feature," and told its customers not to worry about it:

"Consumer Reports issued a report saying that Roku TVs and players are vulnerable to hacking. This is a mischaracterization of a feature. It is unfortunate that the feature was reported in this way. We want to assure our customers that there is no security risk.

Roku enables third-party developers to create remote control applications that consumers can use to control their Roku products. This is achieved through the use of an open interface that Roku designed and published. There is no security risk to our customers’ accounts or the Roku platform with the use of this API. In addition, consumers can turn off this feature on their Roku player or Roku TV by going to Settings>System>Advanced System Settings>External Control>Disabled."

Roku fails to mention that doing so disables the ability for consumers to control the device with Roku's own app, taking away valuable functionality from the end user (something Consumer Reports mentions in its write up). And Roku doesn't even address the other complaints in the report, including concerns that streaming hardware and TV companies aren't making data collection and third-party sales clear, aren't clearly showcasing their privacy policies, and often don't let users opt out of such collection without losing functionality (much like the broadband ISPs and numerous services and apps these devices are connected to).

Roku's response highlights the SOP approach (somebody else's problem) inherent in the IOT. As experts like Bruce Schneier have repeatedly noted, the tech industry is caught in a cycle of security dysfunction where nobody in the chain has any real motivation to actually fix the problem:

"The market can't fix this because neither the buyer nor the seller cares. Think of all the CCTV cameras and DVRs used in the attack against Brian Krebs. The owners of those devices don't care. Their devices were cheap to buy, they still work, and they don't even know Brian. The sellers of those devices don't care: they're now selling newer and better models, and the original buyers only cared about price and features. There is no market solution because the insecurity is what economists call an externality: it's an effect of the purchasing decision that affects other people. Think of it kind of like invisible pollution."

Schneier has repeatedly warned that we need cooperative engagement between governments, companies, experts and the public to craft over-arching standards and policies. The alternative isn't just a few hacks and embarrassing PR gaffes now and again. The influx of millions of poorly secured internet-connected devices (many of which are being automatically integrated into historically-nasty botnets) is a massive dumpster fire with the potential for genuine human casualties. It's easy to downplay these kinds of reports as just "a few minor problems with a television set," but that ignores the massive scope of the problem and the chain of security and privacy apathy that has created it.

from the asshole-seeks-open-platform-for-assholes dept

Eric Goldman has come across an amazing pro se lawsuit [PDF] being brought by Nicholas C. Georgalis, an aggrieved social media user who believes he's owed an open platform in perpetuity, no matter what awful things he dumps onto service providers' pages. Oh, and he wants Section 230 immunity declared unconstitutional.

Georgalis -- who sidelines as a "professional training professionals" when not filing stupid lawsuits -- is suing Facebook for periodically placing him in social media purgatory after removing posts of his. The lawsuit is heady stuff. And by "heady stuff," I mean we're going to be dealing with a lot of arguments about "sovereign rights" and "common law" and other related asshattery.

Here's the opening. And it only gets better/worse from there:

Now comes Plaintiff in suit in a court of law holding Facebook, Inc, Defendant, liable for willfully and with malice aforethought abrogating the priceless, God given, and thus inalienable right to free Speech, freedom of the press, freedom of religion, and the inalienable right to due process as guaranteed under the First and Fifth Amendment of the US Constitution respectively…

[...]

Plaintiff has standing through Defendant's repeated, prolonged, and unconstitutional blocking, and otherwise restricting with great aplomb, Plaintiff's ability to post his public comments which include, but are not limited to political opinions, philosophical observations, cultural observations, religious and scientific observations, and ideas on Defendant's publicly offered and universally available electronic platform. Such ideas and opinions are the private property of Plaintiff and not to be taken without due process by anyone including Defendant.

This is the first time I've seen it argued that a private corporation's moderation decisions are a Fifth Amendment violation. Nonetheless, that's what we're dealing with. Georgalis has been temp-banned repeatedly and had posts removed. Well, let's take a look at the value Georgalis is adding to the Facebook platform.

[O.J.] simpson - more proof that you can take a darkie out of the jungle but you can't take the jungle out of the darkie.

[...]

The Negroid evolved from lower animals while God created the Caucasoid and the Mongoloid evolved from the the Caucasoid. This find merely proves that the modern human visited Africa after the Creation.

[...]

I agree with the fact that this proposed union will taint the blood of the Royal Family. Miscegenation of this sort is akin to bestiality and thus an affront to God and to man. It is a threat to the survival of mankind. It must not stand.

That's just a taste of the stuff that's still live. The lawsuit provides no detail on the posts Facebook has found offensive enough to remove. Georgalis is a Trump fan (he often refers to Trump as a capital-K "King") and an obvious bigot. That he receives a lot of direct moderation from Facebook isn't surprising. But Georgalis somehow believes deep in his sovereign, bigoted heart that Facebook should never take action against his account or Facebook posts.

Here's how he explains it:

Defendant has repeatedly denied and thus silenced Plaintiff ability to express his opinion on Defendant's publicly and universally available electronic forums which said opinions or comments Defendant disagrees or finds otherwise objectionable. Indeed Defendant has had the audacity to remove content posted by Plaintiff that Defendant did not like and thus erasing his written words, which are his property, from the sight and memory of man and the eyes of posterity. In so doing Defendant promotes his political, cultural, religious, philosophical, and economic opinions and ideas above all others and at the expense of Plaintiff's before the voting public…

Good lord.

Georgalis' Section 230 argument is just as bad as everything proceeding it. To sum up (because direct quoting would eat up pages of text and valuable real estate in readers' brains), Georgalis argues the immunity provided to service providers by Section 230 means they should never have to practice moderation. If they're immune from civil liability for end users' posts and actions, they shouldn't take action ever against third-party content. Georgalis targets Section 230 (2)(A) specifically -- the part that states ISPs will not be held liable for voluntary moderation efforts. In Georgalis' eyes, this elevates Facebook, et al into proxy censors of unpopular speech and somehow confers sovereign status to social media platforms. Georgalis' twisted legal argument comes to the conclusion that Section 230 is a violation of the "separation of powers enshrined in the enumerated powers of the US Constitution." Therefore: unconstitutional.

And then the lawsuit goes on for another dozen pages, which deploy even more ridiculous arguments in an attempt to talk the court into viewing social media companies as extensions of the government. This becomes even more cognitively dissonant when Georgalis' favored political leader and party are running the country. His "king" is somehow using Section 230 to shut down opinions the government doesn't like, even if his opinions are probably of the sort the current government does like. Go figure.

Total damages requested are $1 billion. Because you can't put a price tag on free speech. But if you do have to come up with an estimate, be insanely ridiculous about it. This damage award is buttressed by arguments that government taxation and liberal social policies have stifled the US economy so much Georgalis would be almost 80 times as wealthy as he currently is. Or something.

The punitive damages are also supported by the fact that the statist and stoic philosophy and ideology and Keynesian economics promulgated by the Defendant as earnestly implemented by the US governance, education and other institutions since 1930 has led to tremendous economic losses. Exhibit 1 presents an analysis of the extent of the damage done to the US economy by the statist and stoic ideology espoused by Defendant wherein the 2016 GDP would have been almost 80 times larger in constant dollars.

To add the final inadvertent lol to Georgalis' stupid lawsuit, he's appended a copyright notice to every page of the filing claiming no one can copy or reproduce it without his written permission. You'll note the lawsuit is linked above and embedded below. It's also quoted as extensively as I could stomach. So... ball's in your common law court, Nick.

Ohio Civil Rule 56, Summary Judgment is unconstitutional because it deprives litigants, in the instant case Plaintiffs/Appellants, the constitutional right to trial by jury. Accordingly it violates Article 1.05 of the Ohio Constitution which plainly and unequivocally states that "The right of trial by jury shall be inviolate... " Ohio Civil Rule 56 endows powers upon the court that were never intended by the authors of the Ohio Constitution and the people of the State of Ohio who ratified the constitution. Summary judgment usurps the constitutional power of the jury to decide the facts in a case and instead unconstitutionally endows the judge with these powers, powers that the judge was never intended to have.

Georgalis appears to believe he's continually being deprived of due process, even when he's engaged in civil litigation. The Fifth Amendment only covers criminal cases. He also believes the state should waste more money paying jurors, judges, and lawyers to ensure every ridiculous lawsuit gets presented to a jury. I can't see how he squares this with his small government assertions. (This filing probably has more to do with him being on the hook for appellate fees from his failed defamation lawsuit than any pure notion of constitutionality.)

Then there's Georgalis' multiple battles with public entities over the release of certain information. It appears Georgalis has asked several states to hand over info on registered engineers, including their email addresses. His appeal to the state of Delaware was denied by the attorney general, who pointed out Georgalis hardly has the public interest in mind when demanding info on licensed engineers.

Here, DAPE (Delaware Association of Professional Engineers) does not dispute that the right to privacy may be outweighed by the public interest in disclosure. Rather, DAPE argues that your request is a clear attempt to further your private commercial interest and in no way contributes to the public understanding of the activities of the government. DAPE notes that you are a developer and instructor of training courses, which you make available to professional engineers for a fee, and argues that you are using FOIA to obtain the email addresses of private citizens who meet the target audience of your product for sale.

This suit will be tossed and undoubtedly Georgalis will mark this up to the government protecting its own -- even if the current government is the government he desires and "its own" is a private corporation that provides a social media service it can moderate however it wants without troubling the Constitution.

from the good-deals-on-cool-stuff dept

Give your IT career a boost with the Complete 2018 CompTIA Certification Training Bundle. 14 courses cover the most common hardware and software technologies in business, and the skills necessary to support complex IT infrastructures. The courses are designed to help you study for sitting the various CompTIA certification exams. The bundle is on sale for $59.

Note: The Techdirt Deals Store is powered and curated by StackCommerce. A portion of all sales from Techdirt Deals helps support Techdirt. The products featured do not reflect endorsements by our editorial team.

from the took-too-long-already dept

Back in December, right before the Waymo/Uber trial was supposed to begin (before it got delayed due to an unexpected bombshell about withholding evidence that... never actually came up at the trial), I had a discussion with another reporter about the case, in which we each expressed our surprise that a settlement hadn't been worked out before going to trial. It seemed as though part of the case was really about the two companies really disliking each other, rather than there being a really strong legal case.

A year ago, when the case was filed, I expressed disappointment at seeing Google filing this kind of lawsuit. My concern was mainly over the patent part of the case (which were dropped pretty early on), and the fact that Google, historically, had shied away from suing competitors over patents, tending to mostly use them defensively. But I had concerns about the "trade secrets" parts of the case as well. While there does seem to be fairly clear evidence that Anthony Levandowski -- the ex-Google employee at the heart of the discussion -- did some sketchy things in the process of leaving Google, starting Otto, and quickly selling Otto to Uber, the case still felt a lot like a backdoor attempt to hold back employee mobility.

As we've discussed for many years, a huge part of the reason for the success of Silicon Valley in dominating the innovation world has to do with the ease of employee mobility. Repeated studies have shown that the fact that employees can switch jobs easily, or start their own companies easily, is a key factor in driving innovation forward. It's the sharing and interplay of ideas that allows the entire industry to tackle big problems. Individual firms may compete around those big breakthroughs, but it's the combined knowledge, ideas, and perspective sharing that results in the big breakthroughs.

And even though that's widely known, tech companies have an unfortunate history of trying to stop employees from going to competitors. While non-competes have been ruled out in California, a few years back there was a big scandal over tech companies having illegal handshake agreements not to poach employees from one another. It was a good thing to see the companies fined for such practices.

However, the latest move is to use "trade secrets" claims as way to effectively get the same thing done. The mere threat of lawsuits can stop companies from hiring employees, and can limit an employee's ability to find a new job somewhere else. That should concern us all.

However, in this lawsuit, everything was turned a bit upside down. Part of it was that there did appear to be some outrageous behavior by Levandowski. Part of it was that, frankly, there are few companies out there disliked as much as Uber. It does seem that if it were almost any other company on the planet, many more people would have been rooting against Google as the big incumbent suing a smaller competitor. But, in this case, many many people seemed to be rooting for Google out of a general dislike of Uber itself.

My own fear was that this general idea of "Uber = bad" combined with "Levandowski doing sketchy things" could lead to a bad ruling which would then be used to limit employee mobility in much more sympathetic settings. Thankfully, that seems unlikely to happen. As Sarah Jeong (who's coverage of this case was absolutely worth following) noted, despite all the rhetoric, it wasn't at all clear that Waymo proved its case. Lots of people wanted Google/Waymo to win for emotional reasons, but the legal evidence wasn't clearly there.

And now the case is over. As the trial was set to continue Friday morning, it was announced that the two parties had reached a settlement, in which Uber basically hands over a small chunk of equity to Waymo (less than Waymo first tried to get, but still significant). As Jeong notes in another article, both sides had ample reasons to settle -- but the best reason of all to settle is so that they can focus on just competing in the market, rather than the courtroom and in not setting bad and dangerous precedent concerning employee mobility in an industry where that's vital.

from the innovation-trumps-math dept

You might recall that just a few years ago, HBO had to be dragged kicking and screaming into the modern era. For years the company refused to offer a standalone streaming TV service, worried that it would jeopardize the company's cozy promotional relationship with existing cable providers (who often all but give away the channel in promotions). As recently as 2013 Time Warner CEO Jeff Bewkes was claiming that such an offering would make "no economic sense."

Why? Bewkes was worried that offering a standalone option would upset cable partners. At the time, those partners were already offering an HBO streaming app named HBO Go, but only if you signed up for traditional TV. This was art of the industry's walled garden "TV Everywhere" initiative, a misguided attempt at stopping cord cutters by only giving them innovative streaming services -- if they signed up for bloated, traditional television bundles. Bewkes was clearly worried at the time that being too damn innovative would upset industry executives and skew the company's balance sheets:

"And we would do it if we thought it was in our economic best interest. At this point we don’t think it makes sense. We don’t think the target market is sufficiently large to be attractive at this point. So what we’re doing, and we think this is working pretty well — we’re working with the [pay TV operators] to increase the penetration of HBO Go in a mutually beneficial way."

At the time we noted how HBO was letting fear trump innovation. The company was focusing so much on avoiding upsetting cable operators and worrying over the initial impact on the traditional cable TV cash cow, that it forgot that innovation often trumps the math. In reality, the math Bewkes was concerned about were performance and metrics built on a different, changing market that was on the way out. This kind of hesitation was initially great news for Netflix, whose CEO saw all of this coming long before HBO executives did:

"The goal," says Hastings, "is to become HBO faster than HBO can become us."

All the while, HBO and Time Warner's timidity and failure to listen to consumers resulted in many of its shows breaking piracy records. And while HBO couldn't be bothered to offer a legitimate standalone streaming alternative to piracy, it did spend a lot of time and money trying to derail these efforts, including "poisoning" seeded copies of HBO programs on BitTorrent and sending out oodles of nastygrams to ISPs. Other HBO executives, meanwhile, seemed to share the cable industry mindset that this whole cord cutting thing was just a temporary phenomenon that would blow over.

HBO finally did buckle to offering a standalone streaming service (dubbed HBO Now) in 2014. Just a few years later and the service has just breached 5 million subscribers. And oh, the numbers HBO was so worried about are looking solid too, with HBO Now generating $19 million in revenues for the two months it aired of Game of Thrones Season 7. In this case it all worked out well for HBO, but the company could have enjoyed a much healthier head start if it company executives hadn't let fear trump natural evolution.

Vance still makes annual pitches for law enforcement-friendly encryption -- something that means either backdoors or encryption so weak it can be cracked immediately. Both ideas would also be criminal-friendly, but Vance is fine with sacrificing personal security for law enforcement access. Frequently, these pitches are accompanied with piles of uncracked cellphones -- a gesture meant to wow journalists but ultimately indicative of nothing more than how much the NYPD can store in its evidence room. (How many are linked to active investigations? How many investigations continued to convictions without cellphone evidence? Were contempt charges ever considered to motivate cellphone owners into unlocking phones? So many questions. Absolutely zero answers.)

Announced last year, the shift will see some 36,000 Nokia handsets replaced over the coming weeks. Initially purchased in 2014 as part of a $160 million program to modernize police operations, the Nokia phones running Windows Phone will be collected, wiped and sold back to the company.

The move to iPhone 7 comes at no cost to the NYPD, as the handsets are considered upgrades under the agency's contract with AT&T.

NYPD's rollout began last month when officers patrolling the Bronx and Staten Island swapped their obsolete Nokia smartphones for Apple devices. The department is handing out about 600 iPhones per day, according to NYPD Deputy Commissioner for Information and Technology Jessica Tisch.

Let's get some crippled encryption for these guys. After all, their phones are manufactured by a company an FBI forensic detective called an "evil genius." Let's give malicious hackers an attack vector and street criminals more reasons to lift an iPhone off… well, anybody. By all means, let's give Vance what he wants and see if he hears anything back from his buddies in blue.

This upgrade puts Vance in a lose-lose situation. If he stops calling for weakened encryption, he's a hypocrite. If he keeps calling for it, he's an asshole. But it should drive home an important point: encryption doesn't just protect the bad guys. It protects the good guys as well.

from the you-said-it dept

This week, our first place winner on the insightful side comes in response to the FCC's refusal to release certain records to a FOIA request. David noted that their reason — "to prevent harm to the agency" — was a big problem:

It's not the job of the agency to prevent harm to the agency. It is the job of the agency to prevent harm to consumers. The ones paying its salaries. The FOIA act ensures that the employers of public officials have the means to make sure that the officials are doing the job they are being paid for by the people.

If that would be detrimental to the good of the agency, the good of the agency is not aligned with the good of the people and salaries are obtained under fraudulous pretenses.

Basically the answer is "Accountability? I beg your pardon, we are criminals!"

And there were court battles over exactly that, a century or so ago. The upshot was that the phone companies weren't liable.

Online services had battles over this before the Communications Decency Act:

In 1991 Cubby v. CompuServe ruled that CompuServe was merely a distributor, rather than a publisher. It was only liable for defamation if it knew, or had reason to know, of the defamatory nature of content in its forums. Since it wasn't moderating them, it didn't know.

In 1995 Stratton Oakmont v. Prodigy went the other way. Prodigy moderated its forums, wanting a family-friendly environment. And so the court ruled that it was liable for what was posted.

All of which could only mean one thing: Online services that chose to remain ignorant of their content were immune from liability. Those that moderated content, even in good faith, assumed full publisher liability.

1996's CDA 230 changed this. It's now safe to make good faith efforts to prevent criminal activity. Remove 230's protections, and we may go back to "ignorance is safety."

Which would be a gift to the criminals, though those who want to kill CDA 230 will deny it.

In a stunning case of "own goal", the very end of the memo points out that the FBI had an investigation going long before the Steele memo (which isn't a memo at all, but a series of reports) came along. There are two reasons that the FBI paid attention to the Steele memo: (1) Steele has a reputation, a very good one, along with lots of experience and a sizable network of contacts (2) the contents of Steele documents matched things THEY ALREADY KNEW TO BE TRUE.

The second point bears some explanation, because most of you don't have jobs that require the assessment of raw intelligence that comes from multiple people who may be omitting things or fabricating things or deliberately embedding some truth in a web of lies. The Steele memo is just that kind of raw intelligence, which is why -- if you take the time to read it -- you'll notice that Steele himself points out the possible presence of these issues.

But when you get your hands on raw intelligence, and it gives you -- let's say -- 100 facts that you can check, and you find that 82 of them are true, 16 are unverifiable, and 2 are false -- then you have good reason to think that at least some of those 16 are worth further investigation because they may well turn out to be true. That's why you get a warrant: first, to re-re-re-verify the 82 and second, to find out about those 16. That's your JOB.

Then of course you have to make some progress. Because if you don't, then you're not going to get multiple judges to renew your warrant multiple times. You might still not be able to check all 16 of those outstanding items, but if you can check 4 and make progress on 7, then you're getting there and it's reasonable for a judge to grant more time. If you can't check any of them, then maybe you're barking up the wrong tree and the warrant you seek isn't going to help anyway.

One more thing. This isn't an edge case. Anyone who goes out of their way to pal around with intelligence agents from another country, even a friendly one, should expect that they're going to get surveilled: by us, by them, and by third parties who are of course interested in such things for reasons of their own. And anyone who openly brags about it should REALLY expect scrutiny. I have no great love for the FBI, but in this case, they did exactly what any sensible organization should do: start watching people who are heavily interacting with known agents of a hostile foreign power.